hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,347 Commits 1,671 Branches 157 Tags
idrissrio/java-implicit
Commit Graph

2649 Commits

Author SHA1 Message Date
Asger F
8599ab2503 JS: Fix attributes nodes missing an enclosing callable 2025-03-11 16:47:48 +01:00
Asger F
6499e5458b JS: Restore line lost in merge 
'Accept incoming changes' in vscode somehow deleted this line.
 2025-03-11 13:19:29 +01:00
Asger F
e8c5e4d006 Merge branch 'main' into js/test-suite 2025-03-11 13:17:08 +01:00
Napalys Klicius
a4f2264f17 Merge pull request #18899 from Napalys/js/ecma-2024-regex 
JS: Add ECMAScript 2024 `v` Flag Operators for Regex Parsing
 2025-03-11 12:50:44 +01:00
Napalys Klicius
7c9edff33c Merge pull request #18964 from Napalys/js/mark_down_table 
JS: Refactor `markdown-table` library modeling
 2025-03-11 09:02:56 +01:00
Napalys
13c701948a Refactor Markdown taint steps and update expected results for reflected XSS tests 2025-03-10 19:27:36 +01:00
Asger F
0f201d2070 JS: Line number changes in redos test case 2025-03-10 14:36:49 +01:00
Asger F
75ed0d0b46 JS: Remove duplicate '$ Alert' in libxml test 2025-03-10 14:23:44 +01:00
Asger F
6a47678b60 JS: Fix broken alert comment in HeterogenousComparison 2025-03-10 14:23:43 +01:00
Asger F
c88eac486a JS: Remove stray $ Alert comment inside a doc comment 2025-03-10 14:23:42 +01:00
Asger F
0df893e280 JS: Remove blank lines and add trailing newline 2025-03-10 14:23:40 +01:00
Asger F
6fe3a368eb JS: Remove blank line and add trailing newline to file 2025-03-10 14:23:39 +01:00
Asger F
b9dd594d69 JS: Remove blank lines 2025-03-10 14:23:38 +01:00
Asger F
f7532c09e6 JS: Remove blank line 2025-03-10 14:23:37 +01:00
Asger F
122f68e525 Update javascript/ql/test/query-tests/Security/CWE-400/ReDoS/polynomial-redos.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:22:22 +01:00
Asger F
8ee5b237e2 Update javascript/ql/test/query-tests/Security/CWE-730/server-crash.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:21:46 +01:00
Asger F
92dfdc8194 Update javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/UnsafeHtmlExpansion.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:33 +01:00
Asger F
21d42bcd21 Update javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/exception-xss.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:01 +01:00
Asger F
dad4838d3b Update javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/tst.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:42 +01:00
Asger F
017f458534 Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:22 +01:00
Asger F
24c9b2ef9b Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:02 +01:00
Napalys
d077d6807a Applied changes from comments 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 12:24:45 +01:00
Napalys
c12c12c416 Added modeling for react-relay functions that retrieve data. 2025-03-06 18:30:21 +01:00
Napalys
5a1991bb69 Added test cases for react-relay functions that retrieve data 2025-03-06 18:10:27 +01:00
Napalys
1443f314a1 Added react-relay useFragment as threat model source. 2025-03-06 18:10:23 +01:00
Napalys
1e3b8625e6 Added a test case where useFragment from react-relay should be marked as a source but isn't 2025-03-06 18:10:21 +01:00
Napalys
9ea89cd63f Added a test case from #18854 2025-03-05 09:34:20 +01:00
Asger F
2a194a53af raw test output 2025-02-28 13:29:39 +01:00
Asger F
193b26e938 JS: Add query IDs 2025-02-28 13:29:37 +01:00
Asger F
33602ee52b JS: Convert some comments to JSX 2025-02-28 13:29:36 +01:00
Asger F
c67c5854ba Disable for more queries with alerts in JSON 2025-02-28 13:29:35 +01:00
Asger F
7bd01bf039 JS: Bulk update in UnneededDefensiveProgramming test 
The history of updates to this test got messed up so just squashing
into one commit.

Some possible regressions have been accepted, but the query is strangely
opinionated so it's just hard to say what it ought to flag.
 2025-02-28 13:29:33 +01:00
Asger F
64d39da5f8 JS: Accept Sources/Sink tags 2025-02-28 13:29:30 +01:00
Asger F
19cada38ff JS: Migrate a new file from OK-style comments 2025-02-28 13:29:29 +01:00
Asger F
fd6a9c6144 JS: Accept an alert 2025-02-28 13:29:27 +01:00
Asger F
b4ac2f7d73 JS: Add a query ID 2025-02-28 13:29:26 +01:00
Asger F
87518ba60e JS: Update tainted-sendFile.js 
This file was added on main while this branch was in progress. Porting the whole file in one step.
 2025-02-28 13:29:25 +01:00
Asger F
bb67a0e9b0 JS: Remove outdated comment 2025-02-28 13:29:23 +01:00
Asger F
0496de6c8f JS: Accept alerts in UselessCharacterEscape 2025-02-28 13:29:22 +01:00
Asger F
aade1e863d JS: Add a related location in UnusedOrUndefinedStateProperty 2025-02-28 13:29:21 +01:00
Asger F
8ef51c495f JS: Fix wrong expectation in UnusedOrUndefinedStateProperty 2025-02-28 13:29:19 +01:00
Asger F
87ed86e4fd JS: Update UnusedOrUndefinedStateProperty 
Using RelatedLocations to add clarity
 2025-02-28 13:29:18 +01:00
Asger F
605999454a JS: Accept more results in SpuriousArguments 2025-02-28 13:29:17 +01:00
Asger F
dc28bb527b JS: Fix alert location and use RelatedLocation in InsecureUrlWhitelist 2025-02-28 13:29:16 +01:00
Asger F
a1c13f02be JS: Remove alert marker that's reported on another line 
We had two 'NOT OK' comments for the same alert. The alert appears on the 'pref' object above.
 2025-02-28 13:29:14 +01:00
Asger F
2b33ed3671 JS: Remove incorrect alert marker 2025-02-28 13:29:13 +01:00
Asger F
6cf1334c6d Fix comment style in UnboundEventHandlerReceiver 2025-02-28 13:29:12 +01:00
Asger F
7623ebb13b JS: Accept changes in UseOfReturnlessFunction 2025-02-28 13:29:11 +01:00
Asger F
507a0918ad JS: More alert updates in UselessConditional 2025-02-28 13:29:10 +01:00
Asger F
e634b31c27 JS: Accept some UselessConditional alerts 2025-02-28 13:29:08 +01:00